A Glance through the VPN Looking Glass: IPv6 Leakage and DNS Hijacking in Commercial VPN clients

Authors: Vasile C. Perta (Sapienza University of Rome), Marco V. Barbera (Sapienza University of Rome), Gareth Tyson (Queen Mary University of London), Hamed Haddadi (Queen Mary University of London), Alessandro Mei (Sapienza University of Rome)

Volume: 2015
Issue: 1
Pages: 77–91
DOI: https://doi.org/10.1515/popets-2015-0006

Download PDF

Abstract: Commercial Virtual Private Network (VPN) services have become a popular and convenient technology for users seeking privacy and anonymity. They have been applied to a wide range of use cases, with commercial providers often making bold claims regarding their ability to fulfil each of these needs, e.g., censorship circumvention, anonymity and protection from monitoring and tracking. However, as of yet, the claims made by these providers have not received a sufficiently detailed scrutiny. This paper thus investigates the claims of privacy and anonymity in commercial VPN services. We analyse 14 of the most popular ones, inspecting their internals and their infrastructures. Despite being a known issue, our experimental study reveals that the majority of VPN services suffer from IPv6 traffic leakage. The work is extended by developing more sophisticated DNS hijacking attacks that allow all traffic to be transparently captured. We conclude discussing a range of best practices and countermeasures that can address these vulnerabilities.

Keywords: VPN, IPV6, DNS hijacking

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs license.